GET THE APP:  CURRENTLY HOT:   Android Fire TV Fire TV Forums HTC One M8 Moto 360

Koush releases open-sourced SuperUser app for rooters [VIDEO]

Well… that was fast. It was only a few days ago that we learned Koushik Dutta would be making his next project a superuser app for rooted devices. Chainfire’s SuperUser app is great, but it’s not open-sourced. Chainsdd’s app is open-source, but rather outdated. Koush made it his job to bring an updated, modern, and open-sourced version of the app that enables us to do all sorts of cool things with our phones.

The deed has already been done, and he’s calling the result Clockworkmod SuperUser. The app brings us a lot of cool features. For starters, there’s support for Android 4.2 tablets’ multiple user profiles, advanced logging features, PIN protection, support for both X86 and ARM architectures, customized notifications, and more.

One big feature Koush is trying to push is a new Android permission — android.permisison.ACCESS_SUPERUSER — that will let users (and the Superuser app) know if an app has code that is going to request superuser access. The change will be purely cosmetic at first, but the plan is make it so that the app will automatically deny apps superuser permission if that app doesn’t have the permission declared. Here’s a better explanation from the man himself:

Android has a way for apps to create and request various permissions via the AndroidManifest.xml file. This is how the list of permissions and features shown in an app’s Google Play description is generated. Superuser should definitely be listed there. But currently, no such permission exists to be enforced, which is a terrible precedent:
You can download an app, and without your prior knowledge it can request Superuser access.

After talking with +Ricardo Cerqueira about this, we’ve decided on a strategy to ramp up and start enforcing this good practice.
0) Add a new permission with the Superuser, “android.permission.ACCESS_SUPERUSER”.
1) The new Superuser will simply warn that the developer is not declaring “android.permission.ACCESS_SUPERUSER” in the manifest. (as seen below)
2) Add an option to Superuser to automatically deny Superuser access to apps that do not have this declared.
3) After 6 months, this option is enabled by default.
4) After 1 year, this is no longer optional (always on).

This is an insanely trivial change for an app to make, and will assist with the transparency of root apps on the market. So there’s really no excuse for the developer not to do it!

It’s all about security and transparency, folks, and we like it that way. The app is in beta form for now so not everything will be working or enabled, and you may run into some bugs, but the project is already very far along and if development on Carbon — Koush’s apps backup utility — is anything to go by, you can expect very fast development time here.

Folks interested in trying this superuser app out will want to head to the ClockworkMod section in ROM Manager or download the .zip file and flash it manually in recovery. Koush says the app will eventually be available in APK form, but he has yet to implement the installation and upgrade process that will allow you to install it in one click. More details can be found at his Google+ posts here and here. Let us know how you’re liking it if you end up giving it a shot!

[Thanks to everyone who sent this in!]




  • cammykool

    i would use this over supersu

    • TheOtherGuy

      Me too.

  • sygyzy

    Just curious, how does the device owner know or specify which Super User app is used?

    • PhoenixPath

      In this case, the .zip file you install it with takes care of it. My old SU is … gone. (CM!0.1)

      • sygyzy

        Thank you.

    • https://plus.google.com/108596272537415356460/posts Jason Farrell

      It’s a regular app (along with the su binary), and you only need one.

      • sygyzy

        If I already have Super User installed, and install this, how does my system and the apps know which to request SU from? I know you only need one.

  • http://profiles.google.com/ski309 Michael Sokalski

    Wow, that’s a really good point. Why hasn’t Google added a super user permission to Android by now??

    • https://plus.google.com/108596272537415356460/posts Jason Farrell

      Probably because that would imply Google’s & partners are OK with rooted phones and root apps, rather than just tolerating ‘em.

  • irishrally

    TWRP and SuperSU …

  • Mike Reid

    > no excuse for the developer not to do it!

    Just did it for my 2 SU apps. Took a few seconds. Should have no impact on devices that don’t recognize the permission, as for all “foreign / vendor specific” permissions.

    This has long been needed and I wish Google had done it long ago, or at least will in future.

  • BrandoHD

    Nice